Tag Archive for: Thought Leadership

Negative Unemployment: That Giant Sucking Sound In Security

FORBES | March 21, 2017

By Dr. Mike Lloyd, RedSeal CTO

Businesses everywhere are facing the fact: the security talent pool is dry. I spoke to a manager recently who had hired a security analyst after eight months of searching. Each month he had reduced the requirements and increased the salary. Needless to say, in the end, he was getting less than he wanted for a lot more money. If you are a security professional, this seems great – we have one of the few jobs that are not about to be replaced with automation, and there’s no end in sight to the skills shortage.

But if we take a wider view, this is a big economic problem. Security work is either not getting done, or is being done by people who lack the background or aptitude.

Trump’s Budget Proposal to Significantly Boost Cybersecurity Funding

SIGNAL | March 16, 2017

The White House’s first federal budget blueprint unveiled Thursday seeks to fund the nation’s cybersecurity efforts by boosting budgets of the U.S. Defense Department and Department of Homeland Security—an initiative officials say will guard against the magnified threat landscape that is only getting worse.

The budget seeks $1.5 billion for the DHS that will help the government modernize federal computer networks that “can no longer sustain themselves,” White House homeland security adviser Thomas Bossert said a day earlier during Cyber Disrupt 2017, an event hosted by the Center for Strategic and International Studies, or CSIS.

RedSeal CEO Ray Rothrock Says Academic Incubators Help Hone Great Ideas and Leaders at SXSW Panel

As VC, Rothrock Backed Mark43 at Harvard’s iLab

Sunnyvale, Calif.– Today RedSeal (www.redseal.net) CEO Ray Rothrock joined Michael K. Young, President of Texas A&M University, and Jodi Goldstein, Managing Director of the Harvard Innovation Lab at Harvard University, for a panel discussion on academic incubators at South by Southwest (SXSW).

Rothrock, a former managing partner at Venrock, the investment arm of the Rockefeller family, shared his experience working with the academic incubator Harvard Innovation Lab. Rothrock held office hours at Harvard’s iLab, and met with students from Harvard College, Harvard Business School, and the Massachusetts Institute of Technology. He listened to ideas, made some investments, assisted students with business plans and pitches, and even connected students with other investors who might have an interest in their business ideas.

“I invested in three ideas during my time at iLab. One of my investments was Mark43. The team consisted of three graduating seniors from Harvard’s Electrical Engineering program who had a law enforcement idea; traditionally a difficult area for VC money. They graduated, honed the software, and today it is a fast growing company based in NYC,” said Ray Rothrock, chairman and CEO of RedSeal. “They probably could have been successful without me, but the networking and support from the iLab was tremendous.”

Rothrock said “successful academic incubators are more than just bricks and mortar, but places where ideas come at a fast rate, and  get honed and vetted through a large number of smart, interested, involved people.”  According to Rothrock “just a few great deals start in incubators, but the people who start great companies often pass through an incubator along the way.”

The significance of building a cyber incubator to explore solutions and capabilities was also discussed by Rothrock during the panel discussion.

“Cyber requires not only deep skills and knowledge about networks, but also social engineering and psychology. Those skills are usually not found in one person, so it’s essential for teams to form in order for these successful ideas to mature. A cyber incubator would provide a space for multidisciplinary teams to refine these ideas,” said Rothrock.

The panel discussion explored how academic incubators are helping universities and colleges to become more competitive and attractive, and therefore better able to retain talented students and faculty. The South by Southwest® (SXSW®) Conference & Festivals celebrates the convergence of the interactive, film, and music industries.

People, Capital and Continuous Monitoring

MIDDLE MARKET EXECUTIVE | March 7, 2017

With Ray Rothrock, RedSeal Chief Executive Officer

MME: What are your priorities when it comes to growing this middle market business over the next 12 months?

“My job is to resource the company, people and capital, and maybe technology if that’s needed, but it’s mostly people because my priority is to grow this business globally as fast as I can, point one. Point two, we have a database and we’re doing a full conversion of that database so that we can actually get into a full, continuous monitoring across a massive, global network like a large company would have.

Right now, it’s batch. We run our softwares at batch and I want to run it continuously, so we’re in a transition. So, two things, advance sales globally and to get our database up so we can do this continuous monitoring because that’s where the future is. Those are the two things. And so what do I need for that? I need people, and so I need money, so I’m in the fundraising mode right now. That’s my number one job, that’s the key resource I can bring to RedSeal, capital.”

Building A Tougher Wall

ARABIAN COMPUTER NEWS | March 5, 2017

By Ray Rothrock, RedSeal Chief Executive Officer

Ray Rothrock, chairman & CEO of RedSeal, examines the importance of digital resilience in the overall cybersecurity strategy.

Who says prevention is better than cure? Since the advent of networks and hacking, prevention, coupled with detection, has been the primary cyber strategy to counter cyberattacks. But, with the exponential increase in the pace and complexity of digital connections, and sophistication of the attackers, this approach is falling short as the recent Shamoon attacks in Saudi Arabia so clearly demonstrated.

Clearly, we need more and better prevention. But, here’s the cold, hard truth: It’s not a question of if your organisation will suffer a security breach but when – no matter how good your prevention is. Cyber-attacks are now so advanced that, should a hacker’s attention turn to your company, the attack will almost certainly succeed in getting inside your network.  Your mission should be to shut the attacker down – and fast.

 

Why It’s Time for a New Approach to Network Security

COMPUTER BUSINESS REVIEW | 2 March 2017

By Dr. Mike Lloyd, RedSeal CTO

Dr. Mike Lloyd looks at the year ahead for businesses and security and why having an up-to-date, realistic blueprint of your network is now more important than ever.

Barely two months into the New Year and already we face tales of new cybersecurity incidents are flooding in. Whether it’s the theft of sensitive customer data, corporate espionage, damaging ransomware-related outages or state-sponsored hacking, the risks have never been greater. And no organisation can claim to be 100% safe. But with UK firms each suffering an estimated 230,000 attacks on average in 2016, the focus must now be on building resilience into corporate networks to ensure the coming year is a more secure one for organisations.

 

Meet Dr. Mike Lloyd, CTO at RedSeal

With Dr. Mike Lloyd, RedSeal CTO

Forbes Technology Council members are in a wide range of industries and come from a diverse set of experiences. However, they all have lots of great insights to share, from best practices for technology departments to smart predictions for the future of tech. To showcase their expertise, we’re profiling Forbes Technology Council members here on the blog. This week: Dr. Mike Lloyd.

Dr. Mike Lloyd is CTO of RedSeal, a company producing a network modeling and risk scoring platform for building digitally resilient organizations. RedSeal’s Digital Resilience Score, modeled after a creditworthiness score, measures how prepared an organization is to respond to an incident and quickly rebound. Lloyd has more than 25 years of experience modeling and controlling fast-moving, complex security and network systems.

 

Data Dearth Hobbles Cyber Insurance Market

The Deloitte Center for Financial Services just issued a report discussing why cyber insurance has yet to take off. “Demystifying cyber insurance” is an excellent summary of the challenges facing the nascent cyber insurance industry. The authors identify a fundamental problem early in the report: a dearth of data creates a vicious circle that limits both underwriters and customers. Briefly, while cyber insurance underwriters have access to external assessments of the cyber threats a customer faces, the customer’s network itself is a black box.

The situation is analogous to underwriting a life insurance policy based only on the neighborhood the customer lives in. Underwriters ask: Does the neighborhood have indoor plumbing and a modern sewer system?  Is garbage disposed of properly?  Is the community suffering from serious communicable diseases? What criminal activity exists?

All this information is relevant and helpful, but the key missing element is a physical exam of the customer to determine his or her current health profile. Is the applicant overweight? A smoker? An active athlete?  Such an exam provides a much more specific (and actionable) assessment of a customer’s health risk to inform life insurance underwriting.

The same applies to cyber insurance. Underwriters need to understand not only cyber threats in the environment, but also the health of a specific network.  Are all parts of the network identified? Are all network devices set up properly?  Are known vulnerabilities reachable for exploitation?

Ideally, this assessment would involve modeling the network and distilling complicated network security risks into an understandable and comparable score, similar to a credit-worthiness score.  Of course, modeling a network requires a customer’s approval, so the approach must be fast, accurate, and cost-effective.

Cyber insurance promises to be a critical element in effective cyber security management.  The “dearth of data” is a significant obstacle to cyber insurance development, but the effective use of network risk scoring will be crucial to break the vicious circle.

The Internet of Things That Can Attack You

FORBES | February 17, 2017

By Dr. Mike Lloyd, RedSeal CTO

The Internet of Things crashed into the old Internet on Oct 21st, and it wasn’t pretty. A specialized but fairly simple bit of malware known as Mirai was used to cause huge numbers of simple Internet-connected devices (cameras, home routers, baby monitors, etc.) to flood the infrastructure of a service provider called Dyn. This caused widespread collateral damage across the traditional world of social media and entertainment websites.

 

When Talent and Capital Are Priority One

MIDDLE MARKET EXECUTIVE [Podcast] | February 14, 2017

With Ray Rothrock, RedSeal Chief Executive Officer

Pursuing a Cyber Vision: A Call for New Leadership Led an Investor to Roll Up His Sleeves

….It’s very noisy [and crowded in the cyber security market].  95% of those companies are focused on prevention and detection — which is necessary, but is not sufficient in today’s cyber environment with the threat field we are facing